Cybersecurity Field Overview

Cybersecurity has its foundations in information assurance, computer security, and information systems security. Today, the domain of cybersecurity encompasses all those fields and more. Cybersecurity professionals are primarily interested in how best to secure the data, information, and knowledge contained within a system, in addition to securing access to and use of digital systems. When breaches of systems and their data occur, cybersecurity personnel investigate the systems to discover the breadth of data compromised, any data modifications, and any system alterations, including malware added to a system. The cyber team also attempts to identify any related digital systems, storage media, and network devices that might also have been affected.

Roles

Some of the roles that cybersecurity personnel may find themselves involved in include:

  1. assessing system vulnerabilities
  2. determining potential threats to systems
  3. assessing risks to systems
  4. performing penetration testing (white-hat hacking) of systems
  5. performing forensics on systems that have been breached or attacked
  6. auditing systems for security compliance and strength assessments
  7. recommending enhancements to system and data security
  8. serving as a subject matter expert witness in court and legal case proceedings
  9. making recommendations to policy and legal experts on cyber issues

The nature of these roles will change over time, some rapidly. The evolution of cybersecurity is driven by changes in policy, standards, and legislation in response to evolving threats and risks to digital networks, computing resources, and data/information processing and storage. Threats and incidents occur internationally, across all industry and government domains. One of the challenges for cybersecurity professionals is to stay apprised of current trends in their field, including:

  • trends in system vulnerabilities and risks,
  • best practices in tools and techniques to assess threats, malware, and types of attacks,
  • mitigation strategies, tools, and techniques to counter threats,
  • training requirements and certifications,
  • evolving standards, policies, governance, and legal compliance regulations, and
  • interaction with industry and government to gather their lessons learned.